CWE:
 

Topic
Date
Author
Med.
NEC Universe UM4730 SQL Injection
22.07.2017
b0x41s
Med.
Joomla JoomRecipe 1.0.4 Component - Blind SQL Injection Vulnerability
21.07.2017
Teng
Med.
บ้านเว็บไซต์ SQl inj. Vulnerability
19.07.2017
Shigi
Med.
Delegación de Asociaciones SQL Inj Vulnerability
06.07.2017
Shigi
Med.
iWebSoul CMS SQL Injection Vulnerability
03.07.2017
GhostSecurity
Med.
Royal Custom CMS Admin Login Bypass upload sh3ll
03.07.2017
iranonymous
Med.
Maxikom SQL Injection Vulnerability
03.07.2017
Mr.T959
Med.
Rumahmedia SQL Injection Vulnerability
03.07.2017
Mr.T959
Med.
Konfrenzi SQL Injection Vulnerability
03.07.2017
kirin
Med.
WordPress Plugin Ultimate Product Catalogue 4.2.2 SQL Injection
28.06.2017
Lenon Leite
Med.
GLPI 0.90.4 SQL Injection
28.06.2017
Eric CARTER
Med.
Marvel Solution - SQL injection Vulnerability
27.06.2017
Mersad Security Resear...
Med.
WordPress FormCraft Basic 1.0.5 SQL Injection
26.06.2017
Seyyed Amir Hossein Mi...
Med.
Technomania SQL Injection Vulnerability
25.06.2017
Mr.T959
Med.
Cisco Prime Infrastructure 3.1.6 XXE Injection / XSS / LFD / SQL Injection
25.06.2017
SEC Consult
Med.
Bdhost Soft SQL Injection Vulnerability
24.06.2017
Mr.T959
Med.
Pingaksho Technologies SQL Injection Vulnerability
24.06.2017
Mr.T959
Low
paraVision SQL Injection Vulnerability
24.06.2017
Mr.T959
Low
VeniceDream SQL Injection Vulnerability
22.06.2017
Mr.T959
Med.
Astrotech India SQL Injection Vulnerability
22.06.2017
Mersad Security Resear...
Med.
nuevoMailer 6.0 SQL Injection
19.06.2017
ALEH BOITSAU
Med.
Joomla! Component JoomRecipe 1.0.3 SQL Injection
16.06.2017
EziBilisim
Med.
Alio Applicant Portal 6.0 SQL Injection
15.06.2017
insecurity
Med.
PaulShop SQL Injection
14.06.2017
Se0pHpHack3r
Med.
Real Estate Classifieds SQL Injection
13.06.2017
EziBilisim
Med.
Zenbership CMS 1.0.8 SQL Injection
13.06.2017
Vulnerability Lab
Med.
PaulShop CMS 2017-03-25 SQL Injection
13.06.2017
Se0pHpHack3r
Med.
Zenbership 1.0.8 CMS - Multiple SQL Injection Vulnerabilities
12.06.2017
Vulnerability Lab
Med.
eCom Cart 1.3 SQL Injection
11.06.2017
Alperen Eymen Ozcan
Med.
CMSite Design SQL Injection
08.06.2017
sohaip-hackerDZ
Med.
Xavier 2.4 SQL Injection
07.06.2017
Vulnerability Lab
Med.
Peplink 7.0.0-build1904 XSS / CSRF / SQL Injection / File Deletion
06.06.2017
X41
Med.
Steepleware Admin Login bypass
06.06.2017
Alireza Nejati
Med.
powered by MfN sql injection
06.06.2017
Mkali07
Med.
Akshay CMS SQLi Vulnerability
04.06.2017
Berandal | OWL SQUAD
Med.
Designed by Sea-Lion 2G0M SQL İnjection Vulnerability
03.06.2017
ByBaggins
Med.
Piwigo Facetag 0.0.3 SQL Injection
31.05.2017
Touhid M.Shaikh
Med.
A2 Solutions SQL Injection
28.05.2017
Sh4dow
Med.
WordPress Huge-IT Video Gallery 2.0.4 SQL Injection
28.05.2017
defensecode
Med.
Joomla VideoFlow 1.2.0 - SQL Injection
25.05.2017
Persian Hack Team
Med.
Joomla VideoFlow 1.2.0 SQL Injection
24.05.2017
Persian Hack Team
Med.
Joomla 3.7.0 Fields SQL Injection
20.05.2017
Mateus Lino
Med.
INFOR EAM 11.0 Build 201410 SQL Injection
16.05.2017
Yoroi
Med.
webone cms sql injection vulnerability
14.05.2017
Ashiyane Digital Secur...
Med.
Chloe SQL INJECTION VULNERABILITY
14.05.2017
Mohammad Babaee
Med.
Trashbilling.com / Trashflow 3.0 XSS / SQL Injection
14.05.2017
g00se
Med.
Elevel SQL INJECTION VULNERABILITY
12.05.2017
Mohammad Babaee
Med.
Webres Technologies SQL Injection
12.05.2017
Siber Güvenlik Akadem...
Med.
Online Hotel Booking System V2.0 - Blind SQL İnjection
09.05.2017
Siber Güvenlik Akadem...
Med.
Micro Solutions SQL Injection
09.05.2017
Siber Güvenlik Akadem...
Med.
webnetseo CMS Multiple Vulnerabilities
07.05.2017
Ashiyane Digital Secur...
Med.
9Xperts SQL Injection Vulnerability
07.05.2017
Zero Security Group
Med.
WP Hotel Booking System Plugin 1.2 - Boolean-Based Blind SQL İnjection
06.05.2017
Siber Güvenlik Akadem...
Med.
Pandoora 1.1 SQL Injection
05.05.2017
Locker IT TeaM
Med.
osCommerce TemplateMonster plugin Error-based SQL Injection
04.05.2017
Insecurity
Med.
MODX Revolution 2.5.6 SQL Injection
04.05.2017
Anti RA$?is
Med.
Adım Group Sql İnjection
03.05.2017
ALoNEmANTR
Med.
Joomla Component JGrid 4.44 - SQL Injection
01.05.2017
Persian Hack Team
Med.
Emby MediaServer 3.2.5 Boolean-based Blind SQL Injection Vulnerability
30.04.2017
Gjoko 'LiquidWorm' Krs...
Med.
Ofek Technologies Admin Login bypass
29.04.2017
magelang1337
Med.
TYPO3 News Module SQL Injection
27.04.2017
Charles FOL
Med.
WordPress Wow Forms 2.1 SQL Injection
27.04.2017
TAD GROUP
Med.
WordPress KittyCatfish 2.2 SQL Injection
27.04.2017
TAD GROUP
Med.
WordPress Wow Viral Signups 2.1 SQL Injection
27.04.2017
TAD GROUP
Med.
WordPress Car Rental System 2.5 SQL Injection
27.04.2017
TAD GROUP
Med.
Joomla MyPortfolio 3.0.2 SQL Injection
27.04.2017
Persian Hack Team
Med.
NetOffica Admin Login Bypass
24.04.2017
The Devil
Med.
Wordpress flash album gallery Plugins SQL Vulnerability.
23.04.2017
Ashiyane Digital Secur...
Med.
Wordpress newsletter Plugins SQL Vulnerability.
22.04.2017
Ashiyane Digital Secur...
Med.
Exponent CMS 2.4.1 SQL Injection
22.04.2017
404notfound
Med.
eBay Auction Premium Clone Script 6.42 SQL Injection
22.04.2017
Bilal KARDADOU
Med.
Oracle E-Business Suite 12.2.3 SQL Injection
21.04.2017
Dmitry Chastuhin
Med.
创梦网络信息管理系统 Admin Login Bypass
20.04.2017
3F-Team
Med.
My Qingfeng SQLI Injection Vulnerability
16.04.2017
Ashiyane Digital Secur...
Med.
Joomla com_phocadownload SQL Vulnerability
15.04.2017
Ashiyane Digital Secur...
Med.
Word Directory Script 2.1 Cross Site Scripting / SQL Injection
15.04.2017
Bilal KARDADOU
Med.
MATESO GmbH Password Safe And Repository 7.4.4 b2247 SQL Injection
12.04.2017
Matthias Deeg
Med.
Social Directory Script 2.0 SQL Injection
12.04.2017
Ihsan Sencan
Med.
Classified Portal Software 5.1 SQL Injection
12.04.2017
Ihsan Sencan
Med.
FAQ Script 3.1.3 SQL Injection
12.04.2017
Ihsan Sencan
Med.
Hermosoft CMS Admin Page ByPass
11.04.2017
xBADGIRL21
Med.
Jobscript4Web 4.5 SQL Injection
11.04.2017
TurkCyberArmy
Med.
Wordpress webplayer Plugins SQL Injection Vulnerability
10.04.2017
Ashiyane Digital Secur...
Med.
Wordpress salient Themes SQL Injection Vulnerability
09.04.2017
Ashiyane Digital Secur...
Med.
Moodle 2.x/3.x - SQL Injection
07.04.2017
Marko Belzetski
Med.
طراحی و تولید: " ایران سامانه High Security Level SQL Injection
07.04.2017
Mr.0&1
Low
Joomla Component JobGrok Listing 3.1-1.2.58 - SQL Injection
03.04.2017
Persian Hack Team
Med.
Joomla Component JobGrok Application 3.1-1.2.55 - SQL Injection
03.04.2017
Persian Hack Team
Med.
Techizas Infotech Admin login bypass
01.04.2017
magelang1337
Med.
Innovative Web Ideas SQL Injection
31.03.2017
Azerbaijan Cyber Army
Med.
Opensource Classified Ads Script - SQL Injection
30.03.2017
Ihsan Sencan
Med.
inoERP 0.6.1 CSRF / XSS / SQL Injection
28.03.2017
foxmole
Med.
Tour Package Booking 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Delux Same Day Delivery Script 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
CouponPHP CMS 3.1 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Just Another Video Script 1.4.3 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Parcel Delivery Booking Script 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Adult Tube Video Script SQL Injection
28.03.2017
Ihsan Sencan
Med.
Hotel Booking Script 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
B2B Marketplace Script 2.0 SQL Injection
28.03.2017
Ihsan Sencan


CVEMAP Search Results

CVE
Details
Description
2015-02-20
Medium
CVE-2015-1517

Vendor: Piwigo
Software: Piwigo
 

 
SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.

 
2015-02-17
Medium
CVE-2015-1616

Vendor: Mcafee
Software: Data loss pr...
 

 
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.

 
2015-02-16
Medium
CVE-2015-1434

Vendor: Mylittleforum
Software: My little forum
 

 
Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category parameter to index.php.

 
2015-02-12
Medium
CVE-2015-1471

Vendor: Pragyan cms project
Software: Pragyan cms
 

 
SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.

 
2015-02-11
Medium
CVE-2015-1576

Vendor: YUBA
Software: U5cms
 

 
Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5admin/editor.php; (8) typ parameter to u5admin/meta2.php; or (9) newname parameter to u5admin/rename2.php.

 
2015-02-06
Medium
CVE-2015-1442

Vendor: AAS9
Software: Zerocms
 

 
SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a Modify Account action. NOTE: The article_id parameter to zero_view_article.php vector is already covered by CVE-2014-4034.

 
Medium
CVE-2015-1467

Vendor: Fork-cms
Software: Fork cms
 

 
Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index.

 
Medium
CVE-2015-1513

Vendor: Siphon
Software: Siphone ente...
 

 
SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username.

 
Medium
CVE-2015-1514

Vendor: Fancyfon
Software: Famoc
 

 
Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the order parameter to index.php.

 
2015-02-04
Medium
CVE-2014-7864

Vendor: Zohocorp
Software: Manageengine...
 

 
Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 through 11.5 build 11400 and IT360 10.5 and earlier allow remote attackers and remote authenticated users to execute arbitrary SQL commands via the (1) customerName or (2) serverRole parameter in a standbyUpdateInCentral operation to servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.

 

 


Copyright 2017, cxsecurity.com